Finding proven deployment methods and governance for managing virtualized applications across a lifecycle is an essential ingredient in making SOA and cloud-computing approaches as productive as possible while avoiding risk and complexity. The goal is to avoid having to rewrite code in order for applications to work across multiple clouds -- public, private or hybrids.

The cloud forces the older notion of "write-once, run anywhere" into a new level of "deploy correctly so you can exploit the benefits of cloud choices and save a lot of money."

We're once again facing a similar situation now where enterprises are taking a very tough look at their data center expenditures and expansions that they're planning for the data center. ... The [economic downturn] is going to have folks looking very hard at large-scale outlays of capital for data centers.

I believe that will be a catalyst for folks to consider a variable-cost approach to using infrastructures or service, perhaps platform as a service (PaaS). All these things roll up under the notion of cloud.

Virtualization provides isolation for applications running their own logical server, their own virtual server. ... Virtualization gives you -- from a business perspective -- an opportunity to decouple the definition of the application from the system that it runs on. ... Then, at run-time, you can decide where you have capacity that best meets needs of the profile of an application.

I can begin sourcing infrastructure a little more dynamically, based upon the load that I see. Maybe I can spend less on the capital associated with my own data center, because with my application defined as this independent unit, separate from the physical infrastructure I'll be able to buy infrastructure on demand from Amazon, Rackspace, GoGrid, these folks who are now offering up these virtualized clouds of servers.

That's the architecture we're evolving toward. ... For legacy applications, there's not going to be much opportunity. [But] they may actually consider this for new applications that would get some level of benefit by being close to other services.

[If] I can define my application as a working unit, I may be able to choose between Amazon or my internal architecture that perhaps has a VMware basis, or a Rackspace, GoGrid, or BlueLock offering.

Another big consideration for these enterprises now is do I have workloads that I'm comfortable running on Linux right now, and so can I a take a step forward and bind Linux to the workload in order to take it to wherever I want it to go.

rPath brings a capability around defining applications as virtual machines (VMs), going through a process whereby you release those VMs to run on whichever cloud of your choosing, whether a hypervisor virtualized cloud of machines, such as what's provided by Amazon, or what you can build internally using Citrix XenSource or something like VMware's virtual infrastructure.

It then provides an infrastructure for managing those VMs through their lifecycle for things such as updates for backup and for configuration of certain services on the machines in a way that's optimized to run a virtualized cloud of systems. We specialize in optimizing applications to run as VMs on a cloud or virtualized infrastructure.

With our technology, we enforce a set of policies that we learned were best practices during our days at Red Hat when constructing an operating system. We've got some 50 to 60 policies that get enforced at build time, when you are building the VM. They're things like don't allow any dangling symlinks, and closing the dependency loop around all of the binary packages to get included. There could be other more corporate-specific policies that need to be included, and you would write those policies into the build system in order to build these VMs.

It's very similar to the way you put policies into your application lifecycle management (ALM) build system when you were building the application binary. You would enforce policy at build time to build the binary. We're simply suggesting that you extend that discipline of ALM to include policies associated with building VMs. There's a real opportunity here to close the gap between applications and operations by having much of what is typically been done in installing an application and taking it through Dev, QA and Test, and having that be part of an automated build system for creating VMs.

People are still thinking about the operating system as something that they bind to the infrastructure. In the new case, they're binding the operating system to the hypervisor and then installing the application on top of it. If the hypervisor is now this bottom layer, and if it provides all the management utilities associated with managing the physical infrastructure, you now get an opportunity to rethink the operating system as something that you bind to the application.

When you bind an operating system to an application, you're able to eliminate anything that is not relevant to that application. Typically, we see a surface area shrinking to about 10 percent of what is typically deployed as a standard operating system. So, the first thing is to package the application in a way that is optimized to run in a VM. We offer a product called rBuilder that enables just that functionality.

If you prove to yourself that you can do this, that you can run [applications] in both places (cloud and on-premises), you've architected correctly. ... That puts you in a position where eventually you could run that application on your local cloud or virtualized environment and then, for those lumpy demand periods -- when you need that exterior scale and capacity -- you might just look to that cloud provider to support that application [at scale].

There's a trap here. If you become dependent on something associated with a particular infrastructure set or a particular hypervisor, you preclude any use in the future of things that don't have that hypervisor involved. ... The real opportunity here is to separate the application-virtualization approach from the actual virtualization technology to avoid the lock-in, the lack of choice.

If you do it right, and if you think about application virtualization as an approach that frees your application from the infrastructure, there is a ton of benefit in terms of dynamic business capability that is going to be available to your organization.

A recent webinar captures the IDC findings and shows how Hewlett-Packard (HP) is working to help companies adopt SOA successfully. That webinar is now captured as a podcast, transcript and blog.

Join me as I moderate a SOA market adoption trends presentation by Sandy Rogers, program director for SOA, Web services, and integration research at IDC. Sandy is followed by a presentation on SOA lifecycle approaches by Kelly Emo, SOA product marketing manager for HP Software.

Here are some excerpts:

Sandy Rogers: Organizations are looking for much more consistency across enterprise activities and views, and are really finding a lot of competitive differentiation in being able to manage their processes more effectively. That requires the ability to stand across different types of systems and to respond -- whether in a reactive mode or a proactive mode -- to opportunities.

The issue is not necessarily deciding if they should go toward SOA. What we're finding is that for most organizations this is the way that they are going to move, and the question is just navigating how to best do that for the best value and for better success.

According to the same poll ... What are most interesting are the top challenges in implementing SOA. All of our past studies reinforced that skills, availability of skills, and training in SOA continue to be a number one challenge. What’s really noticeable now is that setting up an SOA governance structure has reached the second most-indicated challenge.

We found in other studies that a lot of organizations did not have strong governance. SOA almost forces these companies to do what they should have been doing all along around incorporating the right procedures around governance, and making that a non-intrusive approach.

... What this is telling us is that we have reached another stage of maturity, and that in order to move forward organization will need to think about SOA as an overall program, and how it impacts both technology and people dimensions within the organization. ... We are indeed moving from project- and application-level SOA to more of a system and enterprise scale.

We [also] wanted to look at how SOA's success is actually defined, ... and what factors and practices in these organizations that are successful have the most impact. ... While technologies are key enablers, most of the study participants focused on organizational and program dynamics as being key contributors to success. Through technology, they are able to influence the impact of the activities that they are introducing into the overall SOA program.

The pervasiveness of SOA adoption in the enterprise was a key determinant of how ... they were being successful. ... If you’re able to handle trust, you’re able to influence organizational change management effectiveness. If you’re able to address business alignment, then you’ll have much more success in understanding the impact on architecture and vice versa.

Domains of SOA success

When we gathered all of this information ... we created a framework of varying components, and elements that impacted success. Then, we aggregated these into seven key domains. ... The seven domains are: Business Alignment, Organizational Change Management, Communication, Trust, Scale and Sustainability, Architecture and Governance. [See full transcript or listen to the podcast for more detail on each domain.]

We found that enforcing policies, not putting off governance until later on, was very important, [as well as] putting more efforts into business modeling, which many of these organizations are doing now. They said that they wished they had done a little bit more when thinking about the services that were created, focusing on preparing the architecture for much more process and innovation.

Kelly Emo: You heard from IDC the seven critical SOA success factors that came from this in-depth analysis of customers. The point that I want to reiterate here that was so powerful in this discussion is the idea that the seven domains are linked. By putting energy and effort in any one of them, you are setting yourself up for more success across the board.

... We see many of our customers now crossing the enterprise scalability divide with their SOA, looking to incorporate SOA into their mainstream IT organizations, and they’re seeing the benefits of that initial investment in governance help them make that leap.

SOA governance is all about helping IT get to the expected business benefits of their SOA. You can think of SOA governance, in essence, as IT's navigation system to get to the end goal of SOA. What it's going to help IT do, as they look to scale SOA out, is to more broadly foster trust across those distributed domains. It's going to help become a catalyst for communication and collaboration, and it's going to help jump-start that non-expert staff.

The thing that's key about governance is that it helps integrate those silos of IT. It helps integrate the folks who are responsible for designing services with those who actually have to develop the back end implementations and with those who are doing the testing of performance and functionality. Alternately, it integrates them with the organizations that are responsible for both deploying the services and the policies and integration logic that will support accessing those services.

Keeping a perspective on lifecycle governance, your organization can be primed and ready to handle SOA, as it scales, as more and more services go into production, and more and more services are deemed to be ready for consumption and reuse into new composite applications. ... The key is to keep a service lifecycle governance perspective in mind, as you go about your governance program, and automation is key. ... Automating policy compliance can bring a huge pay off.

What we are finding more and more now is that organizations are actually investing in a role known as service manager, someone who oversees the implication of not only delivering a service over time, but those that are consuming it. I see this as a best practice that can be supported by SOA governance, and which helps empower them by giving them a foundation to set up policies and have visibility in terms of how this service is meeting its objective and who is consuming the service.

You can actually get a dialog going between your enterprise architecture and planning teams, your development teams, and your testing teams, in terms of the expectations, and requirements right upfront, as the concept of the service is being ferreted out.

So why invest in SOA governance now ... [when] we’re under a lot of economic pressure, budgets are tight, there's fewer resources to do the same work? This sounds counter-intuitive, absolutely, but this is the right time to make that investment in SOA governance, because the benefits are going to pay off significantly.

The topic is a no-brainer. Old apps that waste money need to come out to the web services and RIA model and join the grand mashup.

Application modernization is one of those IT initiatives that packs the one-two wallop of cutting costs while improving agility and business outcomes. That combination of doing more for less makes so much sense these days, and it may be the new number one requirement for any IT budget.

Services and logic locked up in mainframes, COBOL, n-tier Java, and other 3-4GL client-server implementations can find a new life as rich Internet services on virtualized or standard hardware and platforms. The process recovers past investments, closes down wasteful operations spending, and extends value into the platforms that operate at peak efficiency and lower costs. Hard to argue.

Remember the wave of ROI studies back in 2003? Well now you need ROI plus provable business improvements of the qualitative variety. Application modernization fits the bill because application sprawl wastes server utilization, leaves apps and data in silos that resist services orientation and prevents the sun-setting of older, expensive platforms -- plus you can do all kinds of innovative things with the services you couldn't do before.

Oh, and getting these services into a SOA and on virtualized platforms opens the door to more exploitation of cloud and SaaS models, as they make more sense.

I'll be discussing the rationale for application modernization, how to target which apps and platforms, what processes need to be in place, and how to scale app modernization projects appropriately. Joining me on the webinar will be David McFarlane, COO at Nexaweb. [Disclosure: Nexaweb is a sponsor of BriefingsDirect podcasts.]

McFarlane, no doubt, will be explaining how the Nexaweb Reference Framework is engineered to reduce the time, costs, and architectural decisions associated with modernizing business applications and bringing them to the Web.

I like the idea of app modernization for mainframe and COBOL code, but Nexaweb goes further in terms of the webification trend: Sybase PowerBuilder, Microsoft Visual Basic, Oracle Forms and other 3GL/4GL-based applications are what it has in mind, with as much as 67 percent in total costs savings in early customer implementations, says Nexaweb.

Sign up to listen in and watch the slides go by. Q&A to follow. Should be fun.

The critical and global problem of energy management for IT operations and data centers has emerged as both a cost and capacity issue. The goal is to find innovative means to conserve electricity use so that existing data centers don't need to be expanded or replaced -- at huge cost.

In order to promote a needed close matching of tight energy supply with the lowest IT energy demand possible, the entire IT landscape needs to be considered. That means an enterprise-by-enterprise examination of the "many sins" of energy mis-management. Wasted energy use, it turns out, has its origins all across IT and business practices.

To learn more about how enterprises should begin an energy-conservation mission, I recently spoke with Ian Jagger, Worldwide Data Center Services marketing manager in Hewlett-Packard's (HP) Technology Solutions Group, and Andrew Fisher, manager of technology strategy in the Industry Standard Services group at HP.

Here are some excerpts:

Data centers typically were not designed for the computing loads that are available to us today ... (and so) enterprise customers are having to consider strategically what they need to do with respect to their facilities and their capability to bring enough power to be able to supply the future capacity needs coming from their IT infrastructure.

Typically the cost of energy is now approaching 10 percent of IT budgets and that's significant. It now becomes a common problem for both of these departments (IT and Facilities) to address. If they don't address it themselves then I am sure a CEO or a CFO will help them along that path.

Just the latest generation server technology is something like 325 percent more energy efficient in terms of performance-per-watt than older equipment. So simply upgrading your single-core servers to the latest quad-core servers can lead to incredible improvements in energy efficiency, especially when combined with other technologies like virtualization.

Probably most importantly, you need to make sure that your cooling system is tuned and optimized to your real needs. One of the biggest issues out there is that the industry, by and large,drastically overcools data centers. That reduces their cooling capacity and ends up wasting an incredible amount of money.

You need to take a complete end-to-end solution that involves everything from analysis of your operational processes and behavioral issues, how you are configuring your data center, whether you have hot-aisle or cold-aisle configurations, these sorts of things, to trying to optimize the performance or the efficiency of the power delivery, making sure that you are getting the best performance per watt out of your IT equipment itself.

The best way of saving energy is, of course, to turn the computers off in the first place. Underutilized computing is not the greatest way to save energy. ... If you look at virtualizing the environment, then the facility design or the cooling design for that environment would be different. If you weren't in a virtualized environment, suddenly you are designing something around 15-35 kilowatts per cabinet, as opposed to 10 kilowatts per cabinet. That requires completely different design criteria.

You’re using four to eight times the wattage in comparison. That, in turn, requires stricter floor management. ... But having gotten that improved design around our floor management, you are then able to look at what improvements can be made from the IT infrastructure side as well.

If you are able to reduce the number of watts that you need for your IT equipment by buying more energy efficient equipment or by using virtualization and other technologies, then that has a multiplying effect on total energy. You no longer have to deliver power for that wattage that you have eliminated and you don't have to cool the heat that is no longer generated.

This is a complex system. When you look at the total process of delivering the energy from where it comes in from the utility feed, distributing it throughout the data center with UPS capability or backup power capability, through the actual IT equipment itself, and then finally with the cooling on the back end to remove the heat from the data center, there are a thousand points of opportunity to improve the overall efficiency.

We are really talking about the Adaptive Infrastructure in action here. Everything that we are doing across our product delivery, software, and services is really an embodiment of the Adaptive Infrastructure at work in terms of increasing the efficiency of our customers' IT assets and making them more efficient.

To complicate it even further, there are lot of organizational or behavioral issues that Ian alluded to as well. Different organizations have different priorities in terms of what they are trying to achieve.

The principal problem is that they tend to be snapshots in time and not necessarily a great view of what's actually going on in the data center. But, typically we can get beyond that and look over annualized values of energy usage and then take measurements from that point.

So, there is rarely a single silver bullet to solve this complex problem. ... The approach that we at HP are now taking is to move toward a new model, which we called the Hybrid Tiered Strategy, with respect to the data center. In other words, it’s a modular design, and you mix tiers according to need.

This is another choice that's available for customers. Some of the folks who are looking at it first are the big scale-out infrastructure Web-service companies and so forth. The idea here is you take one of these 40-foot shipping containers that you see on container ships all over the place and you retrofit it into a mini data center.

... There’s an incredible opportunity to reclaim that reserve capacity, put it to good use, and continue to deploy new servers into your data center, without having to break ground on a new data center.

... There are new capabilities that are going to be coming online in the near future that allow greater control over the power consumption within the data center, so that precious capacity that's so expensive at the data center level can be more accurately allocated and used more effectively.